Sounds like more of a hassle than a blessing. From what that says, unless they're in a whitelist, they have to respond to an e-mail. What happens with those e-mails that will sometimes get sent through from services that always say &amp;Do not reply to this message...&amp;? And really, who's going to want to force everyone that e-mails them to send a reply back so their e-mail comes through? It's a neat idea, I just don't see it as a viable one to make anyone use.

I dunno, it's such a tough problem I am ready to give up. I know someone who uses this and he says it's awesome and has really licked the spam problem for him. I sent him an email and got back a reply to this thingie...which I did, but before even doing it he got back to me, so somehow the email came through...I still don't fully understand how it works but if a user is happy with it, which is more than I can say for any other system, makes me want to look at it. If I can spare a few brain cycles :p

Anyone had any luck with this? I've got it working for main users, but not for other accounts.

Sounds like more of a hassle than a blessing. From what that says, unless they're in a whitelist, they have to respond to an e-mail. What happens with those e-mails that will sometimes get sent through from services that always say &Do not reply to this message...&? And really, who's going to want to force everyone that e-mails them to send a reply back so their e-mail comes through? It's a neat idea, I just don't see it as a viable one to make anyone use.

Click to expand...

It actually is a blessing... and very clever, too. You can auto-whitelist addresses you send email to, and for those "do not reply" type messages you can use keyword or time-sensitive email addresses that are modifications of your normal email address.

Lots of people are using TMDA, and it's quite viable for them. I would love to have it work for our clients.

What I would like, especially with my spam load, is "Trigger addresses". When an email is sent to such a "trigger address" (probably defined as an admin), it then blackholes ALL inbound connections from that IP address at the firewall level for 12-24hours. That way, at least it'll make a dent in the "dictionary attack" style spam runs I've been getting (i.e. lots of spam to addresses that never existed and never will - and usually it's the same addresses being hit over and over again).

Making SpamAssassin a bit more "user configurable" (either root WHM or User Cpanl) would be nice as well: I would love to be able to easily increase the "weighting" given to IP addresses listed in certain blacklists.